Threat actor · all actors
EquationG0020 state
🇺🇸 US · NSA · TAO
aka Equation, Equation Group, Tilded Team, EQGRP, G0020
Last updated: 2026-07-03
3attributed CVEs
7ATT&CK techniques
11.1IDF score (tooling uniqueness)
1exclusive CVEs
2010–2022years active
About this actor
[Equation](https://attack.mitre.org/groups/G0020) is a sophisticated threat group that employs multiple remote access tools. The group is known to use zero-day exploits and has developed the capability to overwrite the firmware of hard disk drives. (Citation: Kaspersky Equation QA)
Source: MITRE ATT&CK
Activity timeline
- 2022 — 1 KEV added
- 2013 — 1 CVE published
- 2012 — 1 CVE published
- 2010 — 1 CVE published
Profile
| CVE | Risk | CVSS | EPSS | Published | Products |
|---|---|---|---|---|---|
CVE-2010-2568 KEV | 10.0 | 7.8 | 0.9734 | 2010-07-22 | see CVE |
CVE-2012-0159 | 8.0 | 0.0 | 0.8568 | 2012-05-09 | see CVE |
CVE-2013-3894 | 8.0 | 8.1 | 0.9312 | 2013-10-09 | see CVE |
Mitigating controls (NIST 800-53)
| Control | Techniques covered | Coverage |
|---|---|---|
AC-2 | 1 / 7 | 14% |
AC-3 | 1 / 7 | 14% |
AC-5 | 1 / 7 | 14% |
AC-6 | 1 / 7 | 14% |
CM-2 | 1 / 7 | 14% |
CM-3 | 1 / 7 | 14% |
CM-5 | 1 / 7 | 14% |
CM-6 | 1 / 7 | 14% |
CM-8 | 1 / 7 | 14% |
IA-2 | 1 / 7 | 14% |
IA-7 | 1 / 7 | 14% |
IA-8 | 1 / 7 | 14% |
RA-9 | 1 / 7 | 14% |
SA-10 | 1 / 7 | 14% |
SA-11 | 1 / 7 | 14% |
Co-occurring actors
- NEODYMIUM 1 shared CVEs
- PROMETHIUM 1 shared CVEs
- ZIRCONIUM 1 shared CVEs
Similar actors
Similar TTPs
- Strider 0.18
- Nomadic Octopus 0.06
- DarkHydrus 0.06
- CopyKittens 0.05
- RedDelta Modified PlugX Infection Chain Operations 0.05
Overlapping CVEs
- ZIRCONIUM 0.25
- NEODYMIUM 0.07
- PROMETHIUM 0.07
Active in same years
- NEODYMIUM 4.00
- PROMETHIUM 4.00
- APT29 2.00
- Naikon 2.00
- Threat Group-3390 2.00
Same nation-state
- Amazon.com (Walmart logistics engineer recruitment civil claims) 1.00
- Anthropic (OpenAI / Google researcher-recruitment claims) 1.00
- Apple Inc. (Masimo pulse-oximetry trade-secret 2020-2024) 1.00
- Avant! Corporation (Cadence Design Systems case) 1.00
- Citadel Securities (Jump Trading trade-secret 2014-2016) 1.00
Same category
- Night Dragon 1.00
- FunnyDream 1.00
- C0011 1.00
- Operation Wocao 1.00
- Operation Dream Job 1.00